minkube is changing ptrace_scope and not changing it back #21928
Description
What Happened?
When I start minikube, it resets that ptrace_scope option from "0" (which is what I want) to "1". Then when it exits, it doesn't change it back again:
$ cat /proc/sys/kernel/yama/ptrace_scope
0
$ minikube start
😄 minikube v1.36.0 on Ubuntu 20.04
✨ Automatically selected the docker driver
📌 Using Docker driver with root privileges
👍 Starting "minikube" primary control-plane node in "minikube" cluster
🚜 Pulling base image v0.0.47 ...
🔥 Creating docker container (CPUs=2, Memory=12000MB) ...
🐳 Preparing Kubernetes v1.33.1 on Docker 28.1.1 ...
▪ Generating certificates and keys ...
▪ Booting up control plane ...
▪ Configuring RBAC rules ...
🔗 Configuring bridge CNI (Container Networking Interface) ...
🔎 Verifying Kubernetes components...
▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5
🌟 Enabled addons: storage-provisioner, default-storageclass
🏄 Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
$ cat /proc/sys/kernel/yama/ptrace_scope
1
Then when I delete it, it's left as "1":
$ minikube delete
🔥 Deleting "minikube" in docker ...
🔥 Deleting container "minikube" ...
🔥 Removing /home/svc_nuobuild/.minikube/machines/minikube ...
💀 Removed all traces of the "minikube" cluster.
$ cat /proc/sys/kernel/yama/ptrace_scope
1
I have to re-run sysctl or reboot (or change it by hand), to fix it again.
This breaks my CI/CD environment because my build accounts don't have root privileges so they can't fix this, and some of our tests require ptrace_scope to be 0 else they fail.
Attach the log file
Operating System
Ubuntu
Driver
Docker